package com.qing.study.controller;

import com.qing.study.comm.Result;
import com.qing.study.service.TokenService;
import io.swagger.annotations.Api;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Map;

@Api(tags = "根据key和secret获取access_token")
@RestController
@RequestMapping("/auth")
public class AuthenticationController {

    @Autowired
    private TokenService tokenService;

    @PostMapping("/getToken")
    public Result authenticate(@RequestBody Map<String, String> credentials) {
        String appKey = credentials.get("appKey");
        String appSecret = credentials.get("appSecret");

        // 验证appkey和appsecret（这里只是示例，实际项目中需要实现具体的验证逻辑）
        if ("lx".equals(appKey) && "921".equals(appSecret)) {
            String accessToken = tokenService.generateAccessToken(appKey);
            return Result.ok(accessToken);
        } else {
            return Result.error(1004, "不合法的 AppKey or AppSecret");
        }
    }
}
